Is Gamma Mcpserver safe to use?

Gamma Mcpserver has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Gamma Mcpserver?

Gamma Mcpserver supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Gamma Mcpserver do?

Gamma Mcpserver provides 1 tool: generate-presentation. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Gamma Mcpserver?

Gamma Mcpserver is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Gamma Mcpserver actively maintained?

Gamma Mcpserver is less actively maintained — last commit was 345 days ago. It has 21 GitHub stars.

Gamma Mcpserver

Name: Gamma Mcpserver
Author: nickloveinvesting

@modelcontextprotocol/sdk · by nickloveinvesting

21 36.1M/wk 1 tool GitHub npm

No known CVEs

No license

Stale

Last commit 345d ago

Works with most clients

Transport: stdio, sse, http

1 tool · ~288 tok

Grade A · 0.1% of 200K ctx

Edit this pageView history

Finance

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "gamma-mcpserver": {
      "args": [
        "-y",
        "@modelcontextprotocol/sdk"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/gamma-mcpserver)](https://mcppedia.org/s/gamma-mcpserver)

Read me

What Gamma Mcpserver does

This document guides you through setting up and running the Gamma MCP (Model Context Protocol) server, which allows you to generate presentations using the Gamma API directly from MCP clients like Anthropic's Claude for Desktop.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@modelcontextprotocol/sdk' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

83/100across 5 weighted dimensions

How we score →

0255075100

−17

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

3 fixed

CVE-2026-25536low · fixedCVSS 3.1

@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse

### Summary Cross-client data leak via two distinct issues: (1) reusing a single `StreamableHTTPServerTransport` across multiple client requests, and (2) reusing a single `McpServer`/`Server` instance across multiple transports. Both are most common in stateless deployments. ### Impact This advisory covers two related but distinct vulnerabilities. A deployment may be affected by one or both. #### Issue 1: Transport re-use **What happens:** When a single `StreamableHTTPServerTransport` insta

Affected: >= 1.10.0Fixed in 1.26.0source →

CVE-2026-0621medium · fixedCVSS 4

Anthropic's MCP TypeScript SDK has a ReDoS vulnerability

### Impact A ReDoS vulnerability in the `UriTemplate` class allows attackers to cause denial of service. The `partToRegExp()` function generates a regex pattern with nested quantifiers (`([^/]+(?:,[^/]+)*)`) for exploded template variables (e.g., `{/id*}`, `{?tags*}`), causing catastrophic backtracking on malicious input. **Who is affected:** MCP servers that register resource templates with exploded array patterns and accept requests from untrusted clients. **Attack result:** An attacker sen

Affected: >= 0Fixed in 1.25.2source →

CVE-2025-66414medium · fixedCVSS 4

Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default

The Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server is run on localhost without authentication with `StreamableHTTPServerTransport` or `SSEServerTransport` and has not enabled `enableDnsRebindingProtection`, a malicious website could exploit DNS rebinding to bypass same-origin policy restrictions and send requests to the local MCP server. This could allow an attacker to invoke tools or access re

Affected: >= 0Fixed in 1.24.0source →

Inventory

Tools (1)

Click any tool to inspect its schema.

~288 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Gamma Mcpserver safe to use?: Gamma Mcpserver has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Gamma Mcpserver?: Gamma Mcpserver supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Gamma Mcpserver do?: Gamma Mcpserver provides 1 tool: generate-presentation. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Gamma Mcpserver?: Gamma Mcpserver is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Gamma Mcpserver actively maintained?: Gamma Mcpserver is less actively maintained — last commit was 345 days ago. It has 21 GitHub stars.

Similar servers

Others in finance

View all →

Alpha Vantage Mcp95

Real-time financial market data: stocks, forex, crypto, commodities, and economic indicators

158 3

Investor Agent93

A Model Context Protocol server for building an investor agent

329 7

io.github.xkumakichi/xaip-mcp-server92

AI agents get on-chain identity, credentials, reputation, escrow, and persistent memory on XRPL.

io.github.PayRam/payram-helper-mcp91

Remote MCP server to integrate and validate self-hosted PayRam deployments.

155 17

MCP Security Weekly

Get CVE alerts and security updates for Gamma Mcpserver and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Finance

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "gamma-mcpserver": {
      "args": [
        "-y",
        "@modelcontextprotocol/sdk"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/gamma-mcpserver)](https://mcppedia.org/s/gamma-mcpserver)

Read me

What Gamma Mcpserver does

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@modelcontextprotocol/sdk' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

Gamma MCP Server

What is Gamma?

Gamma is an AI-powered platform designed to help users create various types of content, with a strong focus on presentations. It leverages artificial intelligence to automatically generate slides, suggest text, and incorporate imagery, allowing for rapid development of polished presentations from simple prompts or existing documents. This MCP server specifically interacts with Gamma's API to bring this presentation generation capability into environments like Claude for Desktop. Check out the Gamma API docs to learn more.

What We'll Be Building

This server exposes a tool to an MCP client (like Claude for Desktop) that can take a prompt and various parameters to generate a presentation using the Gamma API. The server will return a link to the generated presentation.

Core MCP Concepts

Model Context Protocol servers can provide three main types of capabilities:

Resources: File-like data that can be read by clients (like API responses or file contents).
Tools: Functions that can be called by the LLM (with user approval).
Prompts: Pre-written templates that help users accomplish specific tasks.

This server primarily focuses on providing a Tool.

Prerequisite Knowledge

This quickstart assumes you have familiarity with:

Node.js and TypeScript.
LLMs like Anthropic's Claude.
Basic command-line usage.

System Requirements

Node.js (v16 or higher recommended).
npm (Node Package Manager) or yarn.
Access to the Gamma API. You'll need an API key, don't have one? Check out the Gamma API docs to get one.

Set Up Your Environment

Clone the Repository / Get the Code: If this project is in a Git repository, clone it:
```
git clone git@github.com:gamma-app/gamma-mcp-server.git
cd gamma-mcp-server
```
Initialize Your Node.js Project (if not cloned): If you created a new directory, initialize a package.json file:
```
npm init -y
```

Install Dependencies: You'll need the MCP SDK, Zod for validation, node-fetch for API calls, TypeScript, and ts-node to run TypeScript directly.

npm install @modelcontextprotocol/sdk zod node-fetch typescript ts-node @types/node
# or
# yarn add @modelcontextprotocol/sdk zod node-fetch typescript ts-node @types/node

Configure TypeScript: You might want to adjust the tsconfig.json to suit your preferences, but the default should work. Ensure moduleResolution is set to "node" or "node16" / "nodenext" and module is compatible (e.g. "commonjs" if running with ts-node in a CommonJS context, or adjust for ES Modules). The provided src/index.ts uses ES module syntax (import ... from). A common tsconfig.json for ES Modules with Node.js might include:
```
{
  "compilerOptions": {
    "target": "ES2020",
    "module": "ESNext",
    "moduleResolution": "node",
    "esModuleInterop": true,
    "forceConsistentCasingInFileNames": true,
    "strict": true,
    "skipLibCheck": true,
    "outDir": "./dist" // Optional: if you plan to compile
  },
  "include": ["src/**/*"],
  "exclude": ["node_modules"]
}
```
Also, in your package.json, add "type": "module" if you are using ES Modules.
API Key Configuration: The server requires your Gamma API key. We use the dotenv package to load this key from a .env file in the project root.
1. Create a file named .env in the root of your project (e.g., alongside your package.json).
2. Add your Gamma API key to this file like so:

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

83/100across 5 weighted dimensions

How we score →

0255075100

−17

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

3 fixed

CVE-2026-25536low · fixedCVSS 3.1

@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse

Affected: >= 1.10.0Fixed in 1.26.0source →

CVE-2026-0621medium · fixedCVSS 4

Anthropic's MCP TypeScript SDK has a ReDoS vulnerability

Affected: >= 0Fixed in 1.25.2source →

CVE-2025-66414medium · fixedCVSS 4

Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default

Affected: >= 0Fixed in 1.24.0source →

Inventory

Tools (1)

Click any tool to inspect its schema.

~288 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Gamma Mcpserver safe to use?: Gamma Mcpserver has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Gamma Mcpserver?: Gamma Mcpserver supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Gamma Mcpserver do?: Gamma Mcpserver provides 1 tool: generate-presentation. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Gamma Mcpserver?: Gamma Mcpserver is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Gamma Mcpserver actively maintained?: Gamma Mcpserver is less actively maintained — last commit was 345 days ago. It has 21 GitHub stars.